[Go to /]
Structures
Membership
Contact us

IGTF
APGridPMA
TAGPMA
REFEDS
SCI
WISE

Documents
Charter
Guidelines
One Statement Policies

CAOPS-WG
Wiki

Technical Info
CA Distribution download
Subject Locator
Find your local CA
About your certificate

Newsletter issues
Subscribe
Service notices

Tools download and fetch-crl
Technical documentation
IGTF OID Registry
SHA-2 timeline

Meetings
CERN, Geneva, CH, Feb 5-7, 2025
Amsterdam, NL, Sept 23-24, 2024

Overview
Agendas
Intranet and Reviews (closed)

IGTF Guidelines for Secure Operation of Attribute Authorities and issuers of statements for entities

These guidelines describe the minimum requirements and recommendations for the secure operation of attribute authorities and similar services that make statements about an entity based on well-defined attributes. Adherence to these guidelines may help to establish trust between communities, operators of attribute authorities and issuers, and Relying Parties, infrastructures, and service providers. This document does not define an accreditation process.

  • Guidelines for Secure Operation of Attribute Authorities and issuers of statements for entities (2022) (AARC-G071)
    Status: Endorsed by IGTF, endorsed by AEGIS (April 11, 2022)
    Formats available: OfficeXML docx, Adobe PDF
    DOI: 10.5281/zenodo.5927799.

    Guideline AARC-G071 (previously also known as G048 revision 2) evolved and clarifies the scope of the guidance for Attribute Authority operators. Specifically, we realise that the AAOPS guidelines are applicable not only ot the membership management services, but are equally relevant for the other proxy components. In the revision process, we look at generalising the guidance so that attribute-specific elements are removed and more flexibility is added to cater do the various proxy delivery models (as-a-service, bespoke, multi-tenant, and on-prem).

    Review process information: AARC Wiki.

  • AAOPS (AARC-G071) Self-assessment supporting information
    In support of the self-assessment and peer review process, an assessment sheet is provided in collaboration with the infrastructure proxies that participated in the first self-assessment: WLCG (CERN), UK-IRIS (STFC), and eduTEAMS (GEANT).

    Copy or download the self-assessment sheet or provide feed-back through comments.

Historic versions


Comments to David Groep. This site is hosted at Nikhef, subject to the privacy policy.